Storing sensitive data in encrypted cache

What is Encrypted Cache?

Encrypted Cache is a mechanism for storing sensitive data on the client side.
Encrypted Cache is implemented by using HTML5 web storage technology, which allows data to be saved locally and retrieved on subsequent application use or relaunch.

The Data is encrypted using a combination of a user-provided key and a server-retrieved randomly generated token, which makes it more secure
Data is stored in key-value pairs.
Encrypted Cache is like a security deposit box – it remains open until you close it, so it is important to remember to close the cache when finished working with it.

Encrypted Cache is similar to technologies such as:

Local web or DOM storage

Indexed database API

Cordova API: Storage API or File API

JSONStore

The table on the next slide shows how some features provided by Encrypted Cache compare with other technologies.

(1): These features are further described in the module JSONStore – Common JSONStore usage.
(2): Reliable Storage means that your data is not deleted unless the application is removed from the device or one of the methods that removes data is called.
(3): Dev. Only means that it is designed only for development. There are no security features and a ~5 MB storage space limit.

Closing and destroying Encrypted Cache

To avoid possible undesired access to Encrypted Cache, close it.
After an encrypted cache is closed, access to its data is not possible without the encryption key that was used to create it.
To close the encrypted cache, use the following API: